Release News

Joomla! 1.5.6 Released

Joomla 1.5.6 Security Release

The Joomla! community is pleased to announce the immediate availability of Joomla! 1.5.6 [Vusani]. This is a quick turnaround security release to address a high level security issue and it is recommended all users upgrade immediately.

For more information about this exploit, click here to visit the Joomla Security Blog.

Instructions

Download the Joomla 1.5.6 full package now

Download update packages


Release Notes

  • SECURITY [HIGH] Fixed security hole in reset logic to check for proper token length.

Manual Installation

Download the Joomla! 1.5.6 Security Patch changed files only


For some users a manual installation of the 1.5.6 Security Patch is a faster process. To manually apply the 1.5.6 Security Patch, upload the following files, replacing the existing files:

		components/com_user/models/reset.php
		changelog.php
		includes/framework.php
		administrator/includes/framework.php
		libraries/joomla/version.php
		libraries/joomla/environment/uri.php

This patch will only update installations of Joomla 1.5.5. If you're using an earlier version, it is recommended you update prior to updating these files.

Joomla! 1.5.5 Released

Image

The Joomla! community is pleased to announce the immediate availability of Joomla! 1.5.5 [Mamni]. This is a quick turnaround release to address the Duplicate Title error from 1.5.4 . This release also contains important SEF URL improvements and fixes for com_content in addition to a number of bug fixes and improvements. It has been nearly three weeks since Joomla! 1.5.4 was released on July 8, 2008. The Development Working Group 's goal is to continue to provide regular, frequent updates to the Joomla! community.

Instructions

Download Joomla! 1.5.5 and update packages

Want to test drive Joomla!? Try the online demo . Documentation is available for beginners.

Release Notes

  • Fix Duplicate Titles Bug
  • SEF URL improvements and fixes for com_content
  • Fixed error restricting Search to Article content, only
  • Archived Articles now link correctly with SEF URLs
  • Category Blog pagination and Link List corrected
  • Category List Menu Item and Frontend now allow List length selection
  • Fixed Contact Item Bad Word parameter that prevented email
  • Private Messaging Search now returns results
  • SWF Banner correction allowing definition of dimensions
  • Improved 403 reporting for Submit Article and Web link permission issues
  • "Register to Read More" fixes for Newsflash
  • Page Break and Read More fixes
  • JA Purity Hornav position, login token code, and language string fixes
  • BEEZ fieldset alignments for Search and Read More link corrections
  • Installer fixes for updates to Components and Modules
  • mosmsg now used by 1.0.x extensions

Read more: Joomla! 1.5.5 Released

Joomla! 1.5.4 Released

Joomla Logo Horz Color Thumbnail

The Joomla! community is pleased to announce the immediate availability of Joomla! 1.5.4 [Naiki]. This is a normal maintenance release which includes a few low to moderate security issues, many bug fixes, and several very nice improvements. It has been a little over ten weeks since Joomla! 1.5.3 was released on April 24, 2008. The Development Working Group's goal is to continue to provide regular, frequent updates to the Joomla! community containing the latest bug fixes and minor enhancements.

Instructions 

Download Joomla! 1.5.4 and update packages

Want to test drive Joomla!? Try the online demo. Documentation is available for beginners.

Release Notes

Bug Fixes

  • Major Cache overhaul, including unit testing for quality assurance
  • Router issues related to extending the router
  • Menu ordering issues when nested menus were used
  • Several Search component fixes, including the removal of HTML tags as possible search results
  • Menu permissions issues
  • Unpublished menu item issues, including fatal errors and allowing an unpublished menu item to be selected as default
  • Banners can handle Flash items
  • Polls and Latest and Most Popular articles listed in the Administrator now support GMT dates
  • Page titles now follow more consistent rules (see Page Title Parameters for more information)
  • Several OpenID improvements

Security Fixes

  • LDAP security fix to prevent unauthorized access to administration
  • Added security to file caching to prevent unauthorized access to cached pages
  • User Redirect Spam fix
  • htaccess global variable security fix when SEF is enabled (See .htaccess Security Fix)

Additions/Changes

  • OnBeforeContentSave and onAfterContentSave Event Triggers added (See Content Trigger Additions for more information)
    • Ability to abort a save by returning false in the onBeforeContentSave trigger
  • Added JA_Purity template (See JA_Purity Template for more information)
  • Help screens updated (See Help Screens for more information)
  • Supports installing site and admin languages in one package (See Language Installation Improvements for more information)
  • All line endings changed to \n instead of a mix of \r\n and \n

Read more: Joomla! 1.5.4 Released